US reveals bespoke tool that took down Russian malware operation
Snake had been used to steal NATO countries’ data for 20 years
The US Department of Justice (DoJ) has revealed details of a joint operation in which Western agencies used a custom tool to destroy a decades-old Russian malware operation.
Use of a tool named PERSEUS nullified a worldwide network of devices that had been infected with the Snake malware by threat actors in the group Turla.
A number of agencies, including the NSA, FBI, and the Cybersecurity and Infrastructure Security Agency (CISA), led the operation, codenamed Medusa.
Snake had been used to exfiltrate sensitive information from devices across 50 or more countries, including devices belonging to NATO governments and journalists. The FBI-created PERSEUS was used to force the malware to overwrite its data without damaging infected devices.
Turla has been linked directly with the Federal Security Service of the Russian Federation (FSB) and has used Snake since 2003.
“For 20 years, the FSB has relied on the Snake malware to conduct cyber espionage against the United States and our allies – that ends today,” said Matthew G. Olsen, assistant attorney general at the Justice Department’s National Security Division.
“The Justice Department will use every weapon in our arsenal to combat Russia’s malicious cyber activity, including neutralising malware through high-tech operations, making innovative use of legal authorities, and working with international allies and private sector partners to amplify our collective impact.”
Snake is able to function on Windows, macOS, and Linux under a high level of stealth, and has been operated in a…